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DETAILED ACTION 

1. Claims 1-21 are pending 

Claim Objections 

2. 

Claims 7 and 8 are objected to under 37 CFR 1.75(c), as being of improper 
dependent form for failing to further limit the subject matter of a previous claim. 
Applicant is required to cancel the claim(s), or amend the claim(s) to place the claim(s) 
in proper dependent form, or rewrite the claim(s) in independent form. 

Claim 7 recites the limitation "a request from the user to change the permission 
setting value for an arbitrary one of the levels." Claim 7 depends on Claim 6 which 
depends on Claim 4. Claim 4 recites the limitation "a request form the user to change 
the setting value for either of the permission levels other than said executabililty or open 
operation." Therefore Claim 7 does not recite every limitation upon the parent claim 
(Claim 4). Claim 8 is dependent on Claim 7 and is rejected under the same rationale. 

Claim Rejections - 35 USC §112 

3. 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 



Application/Control Number: 10/787,108 Page 3 

Art Unit: 2139 

Claim 4 recites the limitation "A server according to Claim 4" in the first line of the 
claim. There is insufficient antecedent basis for this limitation in the claim. For the 
remainder of the Office Action the Examiner assumes Claim 4 depends on Claim 1 . 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21 (2) 
of such treaty in the English language. 

Claims 1, 9-11, 13 and 15-21 rejected under 35 U.S.C. 102(e) as being 
anticipated by Belani (6772350). 

Regarding Claims 1 and 9, 

Belani teaches a server (Figure 1 , 20) comprising: 

first means for categorizing permission setting values indicating whether object 
information items of various attribute of a registered user are disclosable to other 
persons or not depending on a level of the disclosability; ("Fig. 3 depicts an exemplary 
access list information 50 for a resource... For each operation, a user or group may be granted 
"positive" permission or "negative" permission." Column 7, lines 5-14). The Examiner interprets 
the Access Control list as categorizing permissions of users. The Applicant defines "whether an 
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item of an object information of each user is disclosable to an outsider" as "a permission" 

(Paragraph [0070] of Applicant's Specification) 

and second means for managing the permission setting values hierarchically. 

(Figure 6. shows the permissions arranged hierarchically by resource and Figure 7 shows 
permissions arrange hierarchically by user) where the second means further imparting 
vertical relations thereto in accordance with types of the attribute information items and 
systematically categorizing the attribute information items. The Examiner interprets 
"vertical relations" as hierarchical relations. 

Regarding Claim 10, 

Belani teaches a server comprising: an interface for receiving transmitted information 
(Figure 2, User Interface Input Devices, 44); storage means (Figure 2, File Storage 
Subsystem, 36)] and means for reading information stored in the storage means 
therefrom (Figure 2, Memory Subsystem, 34), wherein said storage means has an entry 
table ("Fig. 3 depicts an exemplary access list information 50 for a resource "R" organized in a 
table format" Column 7, lines 5-6) for storing object information items corresponding to 
various attribute of a registered user and permission setting values ("Access list 
information identifies the resource R in the first column. The second column identifies the users 
or groups which are allowed to perform operations on resource "R". The third column 56 
identifies the various operations that may be peformed on resource "R" and permissions 
associated with the operations for various users." Column 7, lines 6-13) indicating whether 
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said attribute information items are disclosable to other persons or not, said permission 
setting values being categorized in accordance with a level of the disclosability thereof. 

The Examiner interprets the Access Control list as categorizing permissions of users. 
The Applicant defines "whether an item of an object information of each user is disclosable to 
an outsider" as "a permission" (Paragraph [0070] of Applicant's Specification) 

Regarding Claim 11, 

Belani teaches a server according to claim 10, wherein said permission setting 
values are categorized into a plurality of levels having vertical relations thereamong 
and said entry table stores the setting value given to any of the plurality of levels. 
(Figures 6 and 7 show hierarchical relations in accordance to types of object information items 
and systematically categorizing object information items) 

The Examiner interprets "vertical relations" as hierarchical relations. 

Regarding Claim 15, 

Belani teaches a server according to claim 1 1 , further comprising: an external storage 
device storing therein copy data of said entry table, ("access list information associated 
with the various resources may be stored in storage subsystem 32... File storage 
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subsystem... may include... a floppy disk drive along with associated removable media, 
a... (CD-ROM)" Column 6, lines 7-9, 1 8-24) 

Regarding Claim 16, 

Belani teaches a method for controlling a server, comprising the step of: 
categorizing permission setting values indicating whether object information 
items corresponding to various attribute of a registered user are disclosable to other 
persons or not into a plurality of levels; (Tig. 3 depicts an exemplary access list 
information 50 for a resource... For each operation, a user or group may be granted "positive" 
permission or "negative" permission." Column 7, lines 5-14). The Examiner interprets the 
Access Control list as categorizing permissions of users. The Applicant defines "whether an 
item of an object information of each user is disclosable to an outsider" as "a permission" 
(Paragraph [0070] of Applicant's Specification) 

and hierarchically managing said object information items by imparting thereto 
vertical relations depending on a level of the disclosability. (Figure 6. shows the 
permissions arranged hierarchically by resource and Figure 7 shows permissions arrange 
hierarchically by user) 

Regarding Claim 17, 

Belani teaches a method according to claim 16, further comprising the steps of: 
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receiving, from said registered user, a request to change the permission setting 
value for a specified one of the object information items; ("The access controller is 
configured to receive a request from a particular user requesting performance of one or more 
operations on a particular resource. " Column 2, lines 64-66) 

determining a level of the permission setting value for which the change request 
has been made; judging whether there is contradiction between the permission setting 
value belonging to any level higher than the determined level and the permission 
setting value for which said change request has been made; ("The access controller 
attempts to resolve permissions for the operations in the request based on access list 
information for the particular resource and user hierarchy information for the requesting user" 
Column 2, lines 66-67, Column 3, lines 1-2) 

and correcting, when there is contradiction, the permission setting value 
belonging to the level higher than said determined level. {"If the permissions are not 
resolved for all the requested operations, the access controller attempts to resolve permissions 
for the unresolved operations by tracing up the user hierarchy information for the user to 
determine if permissions have been asserted" Column 3, lines 8-15) 

Regarding Claim 18, 

Belani teaches a method according to claim 16, wherein said object information 
items are managed by imparting vertical relations thereto in accordance with types of 
the object information items and categorizing the object information items. (Figure 6. 
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shows the permissions arranged hierarchically by resource and Figure 7 shows permissions 
arrange hierarchically by user) 

Regarding Claim 19, 

Belani teaches a method according to claim 18 further comprising the steps of: 
receiving, from said registered user, a request to change the permission setting value 
for a specified one of the object information items; ("The access controller is configured to 
receive a request from a particular user requesting performance of one or more operations on 
a particular resource. " Column 2, lines 64-66) 

determining a level to which the object information item belongs (Figure 7, displays 
user hierarchy information) The Examiner interprets object information item as a User's 
Identification; judging whether or not there is contradiction between the permission 
setting value for the object information item belonging to any level higher than the level 
of the object information item to which the permission setting value that has received 
the change request belongs and the permission setting value that has received the 
change request; ("The access controller attempts to resolve permissions for the operations in 
the request based on access list information for the particular resource and user hierarchy 
information for the requesting user" Column 2, lines 66-67, Column 3, lines 1-2) 

and notifying, when there is contradiction, the user that the setting change 
request has been refused. (Figure 8, Indicate that one or more operations in "O" could not 
be resolved for user "U" and resource "R", 94) 
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Regarding Claims 20 and 21, 

Belani teaches a service providing system comprising: 

a presence server for categorizing permission setting values indicating whether 
object information items of various attribute of a registered user are disclosable to other 
persons or not depending on a level of the permission and hierarchically managing the 
permission setting values; ("Fig. 3 depicts an exemplary access list information 50 for a 
resource.., For each operation, a user or group may be granted "positive" permission or 
"negative" permission." Column 7, lines 5-14). The Examiner interprets the Access Control list 
as categorizing permissions of users. The Applicant defines "whether an item of an object 
information of each user is disclosable to an outsider" as "a permission" (Paragraph [0070] of 
Applicant's Specification) 

a service providing server for providing a service to a user; (Figure 1, shows the 
Server, 20, interacting with a user 1 6) 

and a terminal with which the user receives the service provided by said service 
providing server, wherein said service providing server issues, to said presence server, 
("User systems 16 provide a mechanism for users or principals to generate requests 
requesting access to resources deployed in computer network " Column 5, lines 20-22) 

an access request for a specified one of the object information items of the user 
to which the service is to be provided, said presence server transmits to said service 
providing server f The request may be sent directly to the controlling server" Column 5, lines 
27-28), a portion of the object information item for which the access request has been 
issued which can be given within a range of the permission setting values, and the 
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service providing server provides the service to the user based on the received portion 
of the object information item. ("ACLR 22 on the controlling server receives the requests, 
and determines if the operations requested by the user can be performed on the requested 
resource" Column 5 lines 31-35). The Examiner interprets the "portion of the object 
information item" as the User/Group ID, 54, in Figure 3. 

Figure 2 displays the system performing the method of providing the service. 

Regarding Claim 13, 

Belani teaches a server according to claim 11, further comprising: means for 

extracting a request to change any of the permission setting values from received 

information; ("The access controller is configured to receive a request from a particular user 

requesting performance of one or more operations on a particular resource." Column 2, lines 
64-66) 

and judging means forjudging whether or not the permission setting value for 
which said change request has been made is contradictory to any of the permission 
setting values higher in rank than the setting value by referencing said entry table. 

("The access controller attempts to resolve permissions for the operations in the request 
based on access list information" Column 2 lines 66-67, Column 3 lines 1-2) 



Claim Rejections - 35 USC § 103 
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The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

Claims 2-8, 12 and 14 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Baleni (6772350). 



Regarding Claims 2 and 3, 

Belani teaches a server according to claim 1 . Belani also teaches "the operation 
which can be performed on a resource may include read, write, publish, subscribe, 
edit, delete, update, etc." (Column 7, lines 3-5). The Examiner interprets "subscribe" as 
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open. Belani further teaches a hierarchy based on resources as shown in Figure 6. 
Belani further teaches detection means for detecting contradiction in a specified one of 
the permission setting values based on vertical relations (which the Examiner interprets 
as hierarchical relations) among the permission levels. (If the permissions are not 
resolved for all the requested operations, the access controller attempts to resolve permissions 
for the unresolved operations by tracing up the user hierarchy information for the user to 
determine if permissions have been asserted for the user's ancestors in the access list 
information of the particular resource" Column 3, lines 8-13). The Examiner interprets that 
resolving requested operations inherently requires detection means for detecting 
contradictions in hierarchical relations. 

However Belani does not explicitly teach wherein said first means categorizes 
said permission setting values into exactly three respective levels, where executability 
of open operation is set as a permission level higher than said executability of read 
operation, and executability of read operation is set as a permission level higher than 
said executability of write operation. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the server of Belani to have exactly three respective levels, where 
the open operation is a permission level higher than the read operation and the read 
operation is set a permission level higher than the write operation. 

The motivation for the modification is that Belani already possesses the access 
control list that represent the three operations, as well as a resource hierarchy that has 
permission levels. One of ordinary skill in the art would be able to make the design 
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choice of implementing a three level hierarchy with open a level higher than write and 
write a level higher than read. 



Regarding Claim 4, 

Belani teaches a server according to claim 1 , wherein, said detection means 
checks, when there is a request from the user to change the setting value for either of 
the permission levels, for consistency of the permission setting value for each level 
higher than the level for which the change request has been made with the setting 
value for which the change request has been made. ("The access controller is configured 
to receive a request from a particular user requesting performance of one or more operations 
on a particular resource. The access controller attempts to resolve permissions for the 
operations in the request based on access list information... If the permissions are not resolved 
for all the requested operations, the access controller attempts to resolve permissions for the 
unresolved operations by tracing up the user hierarchy information for the user to determine if 
permissions have been asserted" Column 2, lines 64-67 and Column 3 lines 1, 8-12) 

The Examiner interprets requesting a change in permission as requesting a 
permission that the user does not possess on the access control list. 

While Belani does teach that "a negative permission may indicate that the user is 
specifically prohibited form performing the operation on the resource" Belani does not 
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explicitly teach that the user may not request changing the setting value for permission 
levels on the said executability of open operation for any of the object information 
items. 

It would have been obvious to one of ordinary skill in the art at the time of the 
rejection to choose a specific operation, such as the open operation, that the user may 
not request changing the setting value for permission levels. 

The motivation is that Belani already possesses an access control list including 
negative permissions. Without any modification to the system and administrator or one 
of ordinary skill in the art could choose one operation that the user may not change by 
applying a negative permission on that resource. 

Regarding Claim 5, 

Belani teaches a server according to claim 4, wherein, said detection means 
corrects, when there is contradiction in said consistency, the permission setting value 
for each level higher than the level for which the request to change the setting value 
has been made, ("if any of the second level ancestors have been granted specific positive or 
negative permissions for one or more unresolved operations, the permissions for those 
operations are inherited by user U1, and those operations are considered resolved. " (Column 
12, lines 21-26)) The Examiner interprets the contradiction in consistency as the 
difference between the inherited permission values and the specific granted 
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permissions. The Examiner further interprets the operations being resolved as the 
detection means correcting the inconsistency. 

Regarding Claim 6, 

Belani teaches a server according to claim 4, wherein said second means 
manages said object information items by imparting vertical relations thereto in 
accordance with types of the object information items and systematically categorizing 
the object information items. (Figures 6 and 7 show hierarchical relations in accordance to 
types of object information items and systematically categorizing object information items) 

The Examiner interprets "vertical relations" as hierarchical relations. 

Regarding Claim 7, 

Belani teaches a server according to claim 6, wherein, said detection means checks, 
when there is a request from the user to change the permission setting value for an 
arbitrary one of the levels for any of the object information items, consistency of the 
permission setting value belonging to each of the object information items higher in 
rank than the object information item to which the setting value that has received the 
change request belongs with the setting value that has received the change request. 
("The access controller is configured to receive a request from a particular user requesting 
performance of one or more operations on a particular resource. The access controller 
attempts to resolve permissions for the operations in the request based on access list 
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information... If the permissions are not resolved for all the requested operations, the access 
controller attempts to resolve permissions for the unresolved operations by tracing up the user 
hierarchy information for the user to determine if permissions have been asserted" Column 2, 
lines 64-67 and Column 3 lines 1, 8-12) 

Regarding Claim 8, 

Belani teaches a server according to claim 7, wherein, said detection means 
corrects, when there is contradiction in said consistency, the permission setting value 
belonging to any of the object information items higher in rank than the object 
information item to which the setting value that has received said change request 
belongs, ("if any of the second level ancestors have been granted specific positive or 
negative permissions for one or more unresolved operations, the permissions for those 
operations are inherited by user U1, and those operations are considered resolved. " (Column 
12, lines 21-26)) The Examiner interprets the contradiction in consistency as the 
difference between the inherited permission values and the specific granted 
permissions. The Examiner further interprets the operations being resolved as the 
detection means correcting the inconsistency. 

Regarding Claim 12, 

Belani teaches a server according to claim 11. Belani also teaches "the operation 
which can be performed on a resource may include read, write, publish, subscribe, 
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edit, delete, update, etc." (Column 7, lines 3-5). The Examiner interprets "subscribe" as 
open. 

Belani does not explicitly teach wherein said permission setting values are 
categorized into exactly three respective levels for determining whether an open 
operation, a read operation, and a write operation are executable with respect to any of 
the object information items, and said entry table stores the setting value given to any 
of said three levels. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the server of Belani to have exactly three respective levels, 
determining whether an open operation, a read operation and a write operation are 
executable.. 

The motivation for the modification is that Belani already possesses the access 
control list that represent the three operations, One of ordinary skill in the art would be 
able to make the design choice of implementing a three level hierarchy with these three 
resources. 

Regarding Claim 14, 

Belani teaches a server according to claim 12, further having: means for 
correcting, when there is contradiction between the setting value for which said change 
request has been made and any of the permission setting values higher in rank than 
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the setting value, the higher rank permission setting value. {"If the permissions are not 
resolved for all the requested operations, the access controller attempts to resolve permissions 
for the unresolved operations by tracing up the user hierarchy information for the user to 
determine if permissions have been asserted" Column 3, lines 8-15) 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Harris C. Wang whose telephone number is 
5712701462. The examiner can normally be reached on M-F 8-5:30, Alternate Fridays 
Off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AYAZ R. SHEIKH can be reached on (571)272-3795. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 



Application/Control Number: 10/787,108 



Page 19 



Art Unit: 2139 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




HCW 



TAGHI ARANI 
PRIMARY EXAMINER 



